Tor developers rush to plug security hole that could identify users

Exploit developed by Carnegie Mellon University enables attackers to identify Tor users

The developers behind the open-source anonymous web-browsing tool Tor are rushing to patch a critical security hole after discovering a group of relays that appeared to be trying to de-anonymise users.

Tor is widely used around the world to enable people to browse the web anonymously - to get round blocks installed by repressive governments, for example - and to access sites operating in similar anonymity that would otherwise be difficult to locate.

Tor's security works on a number of levels. First, it encrypts all traffic from a specially tailored version of the Firefox web browser. In the process, it also disables a number of typical internet tools, including cookies and Adobe Flash, as they can be used to track and identify users in normal browsers.

Traffic is routed via a network of about 4,500 servers operated by volunteers, with each relay only decrypting enough of the data-packet wrapper to identify which relay the data came from and where to forward it to. In theory, data cannot be fully traced in Tor, but in practice it may only be as secure as the anonymous volunteers running the network. It has long been speculated that some of the organisations behind these include security services monitoring traffic.

The Tor Project admitted the attack yesterday: "On 4 July 2014 we found a group of relays that we assume were trying to de-anonymise users. They appear to have been targeting people who operate or access Tor hidden services. The attack involved modifying Tor protocol headers to do traffic confirmation attacks," it stated in a security advisory.

It continued: "The attacking relays joined the network on 30 January 2014, and we removed them from the network on 4 July. While we don't know when they started doing the attack, users who operated or accessed hidden services from early February through 4 July should assume they were affected."

The open-source developers behind Tor are still unclear about the precise nature and provenance of the attack, although it has been speculated that it was part of an effort by researchers at Carnegie Mellon University to demonstrate a security flaw in the Tor network.

They had been due to demonstrate Tor security flaws at the Black Hat security conference in Las Vegas, Nevada next week, but had been blocked following the threat of legal action. Michael McCord and Alexander Volynkin had been due to present a paper entitled "You Don't Have to be the NSA to Break Tor: De-anonymising Users on a Budget".

The admission comes just days after Russia's interior ministry offered a reward of about £65,000 to anyone who could crack Tor's security.

Lance Cottrell, founder and chief scientist of Anonymizer.com, a commercial service offering anonymous browsing to end users, described the successful attack as "inevitable".

He said: "This is just another vulnerability that allows hostile Tor node operators to compromise user anonymity. It's inevitable given the architecture. Tor attempts to improve user privacy by having a large number of volunteers running their servers, and sending traffic through chains of three servers so no one person need be trusted.

"Unfortunately anyone can set up servers, and well-funded attackers could set up large numbers of them. Using vulnerabilities in the Tor protocol and modified servers, these attackers have been, and will continue to be, able to unmask Tor users and hidden Tor services.

"Tor generally chooses its chains of servers randomly. If an attacker controls a large number of servers, then there is a reasonable chance that they will control both the first and last server in the chain. This allows them to quickly identify traffic flowing through Tor and connect the users with their activity.

"The last Tor node in the chain can see the direct connection to websites. If those connections are insecure or vulnerable, the attacking exit node can modify the content to send malware or trackers to the user."

He added that it is almost certain that there are other vulnerabilities in Tor and that users should assume that intelligence services across the world are working on other ways in which Tor's security can be compromised.

Indeed, in its "Tor Stinks" document of June 2012, leaked by whistleblower Edward Snowden, the US National Security Agency (NSA) indicated that it does not conduct blanket attacks on Tor, but that it can and does conduct targeted attacks, as indicated in its Epicfail programme.

However, this programme seeks to take advantage of inexpert use of Tor to identify people.

"There are NSA and GCHQ programmes that look for cookies that survive Tor sessions (with the standard Tor browser bundle there shouldn't be any). The most powerful attacks against Tor use the NSA Quantum programme. This, among other things, employs very fast servers in central locations on the internet backbone to intercept and replace 'suspicious' internet communications," write University of Kent School of Computing academics Julio Hernandez-Castro and Eerke Boiten.

Indeed, other attacks against Tor have been known for a long time. In 2005, for example, an attack showed that internet traffic analysis could be used to link different Tor connections, though this could not be used to directly identify the users involved.